package com.hyyt.shopjsp.common.interceptor;

import java.io.IOException;
import java.security.Principal;
import java.util.List;

import javax.annotation.Resource;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.hyyt.shopjsp.basic.pojo.BasicActor;
import com.hyyt.shopjsp.basic.pojo.BasicUsers;
import com.hyyt.shopjsp.basic.service.IBasicActorService;
import com.hyyt.shopjsp.basic.service.IBasicUsersService;
import com.hyyt.shopjsp.util.common.Utils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;

/**
 * Copyright (c) 2016 ShopJsp. All Rights Reserved.
 * ============================================================================
 * 版权所有 2011 - 今 北京华宇盈通科技有限公司，并保留所有权利。
 * ----------------------------------------------------------------------------
 * 提示：在未取得SHOPJSP商业授权之前，您不能将本软件应用于商业用途，否则SHOPJSP将保留追究的权力。
 * ----------------------------------------------------------------------------
 * 官方网站：http://www.shopjsp.com
 * ============================================================================
 * @author CuiYS on 2016/10/27 0027上午 11:31.
 */
public class ShiroInterceptor implements Filter {

    @Resource
    private IBasicUsersService basicUsersService;
    @Resource
    private IBasicActorService basicActorService;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        Principal principal = httpRequest.getUserPrincipal();
        String loginName = principal.getName();
        if (principal != null) {
            Subject subjects = SecurityUtils.getSubject();

            //到数据库查是否有此对象
            BasicUsers users = basicUsersService.getBasicUsersByUserName(loginName);                   //从数据库中获取对应用户名对应的user
            if (Utils.objectIsNotEmpty(users)) {
                //查询出用户的所有角色
                List<BasicActor> basicActors = basicActorService.queryAllBasicActorByUsersId(users.getUsersId());
                if (Utils.objectIsNotEmpty(basicActors) && basicActors.size() > 0) {
                    users.setBasicActors(basicActors);
                }
                UsernamePasswordToken token = new UsernamePasswordToken(users.getUserName(), users.getPassword());
                subjects = SecurityUtils.getSubject();
                subjects.login(token);
                subjects.getSession();
            } else {
                // 如果用户为空，则subjects信息登出
                if (subjects != null) {
                    subjects.logout();
                }
            }

        }
        chain.doFilter(httpRequest, httpResponse);
    }

    @Override
    public void destroy() {

    }
}
